Re: [webauthn] Authenticator flag to indicate internal knowledge of rk (discoverable credential creation). (#1761)

> > The new `BE` flag in L3 signals whether the credential is hardware-bound to the secure element (when combined with an appropriate attestation).
> 
> I disagree with this statement. The `BE` flag means that the key is allowed to be backed up. It does not make any statements about the storage of the key or its security properties.
> 
> As mentioned in the original PR comments, these bits are designed to drive business logic and user experiences, not convey authenticator security properties.

Yep, agreed. This would be an extra bit field that gives an extended property about the storage of the key. When combined with the BE flags, it allows an RP to understand quite a lot about the authenticator's properties above and beyond the MDS "descriptions".

-- 
GitHub Notification of comment by Firstyear
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1761#issuecomment-1176879242 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 7 July 2022 00:17:10 UTC
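As an added illustration (not code from the thread, the WebAuthn spec, or any project), the block below decodes the Level 3 authenticator data flags byte and uses BE/BS purely to drive RP business logic, as the thread describes, rather than treating them as storage-security claims. The rpIdHash and sample bytes are constructed.

```python
import hashlib
import struct
from typing import Optional

# Bit positions of the WebAuthn Level 3 authenticator data flags byte.
FLAG_UP = 1 << 0  # user present
FLAG_UV = 1 << 2  # user verified
FLAG_BE = 1 << 3  # backup eligible
FLAG_BS = 1 << 4  # backup state (currently backed up)
FLAG_AT = 1 << 6  # attested credential data included
FLAG_ED = 1 << 7  # extension data included


def flags_valid(flags: int) -> bool:
    """BS=1 with BE=0 is not a permitted combination."""
    return not ((flags & FLAG_BS) and not (flags & FLAG_BE))


def parse_auth_data_header(auth_data: bytes) -> dict:
    """Decode the fixed 37-byte prefix: rpIdHash, flags, signCount."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data too short")
    flags = auth_data[32]
    if not flags_valid(flags):
        raise ValueError("invalid flags: BS set without BE")
    (sign_count,) = struct.unpack(">I", auth_data[33:37])
    return {
        "rp_id_hash": auth_data[:32],
        "user_present": bool(flags & FLAG_UP),
        "user_verified": bool(flags & FLAG_UV),
        "backup_eligible": bool(flags & FLAG_BE),
        "backup_state": bool(flags & FLAG_BS),
        "has_attested_cred": bool(flags & FLAG_AT),
        "has_extensions": bool(flags & FLAG_ED),
        "sign_count": sign_count,
    }


def rp_policy(parsed: dict, prior_backup_state: Optional[bool]) -> str:
    """UX decision driven by BE/BS; says nothing about key storage security."""
    if not parsed["backup_eligible"]:
        return "device-bound: suggest registering a second authenticator"
    if prior_backup_state is not None and prior_backup_state != parsed["backup_state"]:
        return "backup state changed: update stored BS for this credential"
    if parsed["backup_state"]:
        return "synced credential: no backup nudge needed"
    return "backup-eligible but not backed up: prompt user to enable backup"


# Constructed sample: UP|UV|BE|BS set, signCount 7, no attested data or extensions.
SAMPLE = hashlib.sha256(b"example.com").digest() + bytes([FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS]) + struct.pack(">I", 7)
```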